Run snort as root user in pfSense this does not change much and allows to reload snort rather than stop start it.

1 files changed, 3 insertions, 1 deletions

diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index c936db9d..5043a624 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -669,10 +669,12 @@ if (is_dir('/usr/local/etc/snort/tmp')) {
 	exec("/bin/rm -r /usr/local/etc/snort/tmp/rules_bk");
 }
 
-/* make all dirs snorts */
+/* XXX: These are needed if snort is run as snort user
 mwexec("/usr/sbin/chown -R snort:snort /var/log/snort", true);
 mwexec("/usr/sbin/chown -R snort:snort /usr/local/etc/snort", true);
 mwexec("/usr/sbin/chown -R snort:snort /usr/local/lib/snort", true);
+*/
+/* make all dirs snorts */
 mwexec("/bin/chmod -R 755  /var/log/snort", true);
 mwexec("/bin/chmod -R 755  /usr/local/etc/snort", true);
 mwexec("/bin/chmod -R 755  /usr/local/lib/snort", true);